PYSEC-2024-75

🗓️ 29 Jul 2024 16:15:00Reported by GoogleType

osv

osv🔗 osv.dev👁 17 Views

Twisted framework HTML injection vulnerability patched in version 24.7.0rc

Reporter	Title	Published	Views	Family All 79
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to cross-site scripting in Twisted [CVE-2024-41810]	1 May 202519:37	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability Werkzeug, Twisted-22.10.0-py3, requests-2.32.2-py3, commons-lang-2.6, commons-fileupload-1.5, urllib3-2.2.2, jetty-server-9.4.56.v20240826 affect IBM Cloud Object Storage Systems (Oct 2025)	24 Oct 202515:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to cross-site scripting in Twisted [CVE-2024-41810]	27 Feb 202514:58	–	ibm
Tenable Nessus	Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2024-746)	31 Oct 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: python-twisted (CVE-2024-41810)	10 Feb 202500:00	–	nessus
Tenable Nessus	Debian dla-3970 : python3-twisted - security update	28 Nov 202400:00	–	nessus
Tenable Nessus	Debian dsa-5797 : python3-twisted - security update	25 Oct 202400:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: python-twisted (CVE-2024-41810)	19 Aug 202400:00	–	nessus
Tenable Nessus	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:7312)	27 Sep 202400:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2024:2732-1)	6 Aug 202400:00	–	nessus

Source	Link
github	www.github.com/twisted/twisted/security/advisories/GHSA-cf56-g6w6-pqq2
github	www.github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33

11 Sep 2024 19:42Current

6Medium risk

Vulners AI Score6

CVSS 3.16.1

EPSS0.01109

twisted framework html injection vulnerability patched version python 3.6+